Popular White Paper On This Topic

The Symantec firewall is more functional and is part of the SEP client.
Windows requires some sort of firewall if you want to avoid irritating
messages and the Symantec firewall works fine. It's superior to the
firewall shipped with Windows.

My preferences for an antivirus don't include Symantec, but it is a fine
suite of applications and good addition to your hardening project.

Its good to use desktop firewall but most of the people avoid to use it.
Just because it creates additional burdon on IT administrator. Prior to use
any firewall you must be aware with all the applications & ports which are
being used on your sytems & then only you can use firewall effectively.

Its always better to use Symantec firewall than Windows. Still I will
suggest that use host IPS, Application Control & Device Control feature
available on SEP rather than using desktop firewall to achieve max
security. Also focus on OS & Application patching on regular interval, this
all will help to reduce threat surface & to keep secure your systems from
various threats.

I would definitely go for the managed AV/firewall solution. The Windows
firewal in W7 and W8 is "adequate", barely. Using it to protect a
corporate environment borders on ridiculous. Trying to manage *anything*
on a local, per machine basis is a total waste of your precious time.

I've heard mixed reports on Symantec's solution. Over the past 25 years,
I've built up an instinctive mistrust of Symantec/Norton software. There
are several alternatives out there that, I think, are better. We use
Sophos End Point Protect. It has one of the best interfaces out there
and it's served us well over the past 7-8 years. It even gives you the
right to provide it to your employees for their private machines. A nice
feature is that it can be set up to go to your local server for client
updates and, if the server isn't availble, go to the Sophos web site for
updates.

The ability to control the AV/Firewall/etc. features on your computers
will save you a *TON* of time. You also can see the status of each
computer. Is it up to date? Have there been any firewall violations or
software blocked?

Of course, the managed solutions cost money per device. Check out
several vendors. Be sure to get a trial copy and test it, especially the
time and CPU demand on the end point. One vendor we tested was fabulous
until we saw that a local virus scan basically took over the machine
until it finished.

There's no one silver bullet despite what some vendors might have us think.

One more point - the term "a waste of your precious time" sticks out to me. Efficiency is important, but most important is the business requirements to address business needs. Some environments require extraordinary levels of attention. Sometimes this is tedious and may seem borderline unnecessary.

It's our place to determine the most efficient, effective way to meet requirements and minimize risks, not define those requirements. A generalized statement about wasting time on distributed defense is most likely inaccurate and misleading.

Copyright 1998-2015 Ziff Davis, LLC (Toolbox.com). All rights reserved. All product names are trademarks of their respective companies. Toolbox.com is not
affiliated with or endorsed by any company listed at this site.